An ACM CCS Workshop
"CYBERSECURITY IN HEALTHCARE"
(HealthSec) 2024
https://publish.illinois.edu/healthsec/
Monday, October 14th, 2024 in Salt Lake City, Utah USA (location to be
announced)
An interdisciplinary workshop to be held in conjunction with the 31st
ACM Conference on Computer and Communications Security (CCS 2024)
Call for Papers
In its most basic form, healthcare is gathering data, interpreting
data into information, and transforming information into current human
knowledge that can be acted upon, with each of these stages open to
unintended errors and/or malicious subversion. These stages do not
occur within a vacuum but rather within our existing infrastructures
and social system with all their current limitations, systemic bias,
and exploitable vulnerabilities. While a similar characterization can
be made about security in other applied domains, healthcare is
undergoing a dramatic transformation, arguably the next technological
revolution, presenting immediate opportunities for improvement along
with corresponding challenges in security.
Our desire is to bring together diverse researchers from academia,
government, and the healthcare industry to report on latest research
efforts. As this is the inaugural workshop focusing on cybersecurity
in healthcare, we aim to encourage, jumpstart, and grow excellent
interdisciplinary contributions at the forefront of research. Papers
with demonstrated results will be given priority. We seek submissions
from researchers and practitioners on a list of potential topics which
includes, but is not limited to:
Cybersecurity issues (including risks, challenges, incidences,
solutions, approaches)
Healthcare as critical national infrastructure
AI in healthcare (e.g. clinical decision support software,
ambient clinical documentation)
Big data/high performance computing (HPC) in healthcare
Encryption, authentication, provenance of storage in
healthcare environments
Healthcare supply chains
Online health communities
Health information exchanges (HIEs)
Electronic health records (EHRs)
Telehealth and/or patient portals
Internet of (medical) Things (MIoT)
Medical devices, medical implants, and/or medical wearables
Wireless/mobile healthcare and/or remote patient monitoring
Digital healthcare tools to improve patient safety
Safety engineering in clinical facility settings
Healthcare insider threats
Software-controlled robotic medical systems
Updating/patching software and re-certification of medical devices
Ransomware attacks on healthcare especially hospitals *
Events resulting in (HIPAA/GDPR) healthcare privacy breaches **
Comparisons of IT infrastructure in different types of healthcare
facilities/services
Empirical study of cybersecurity in a specific healthcare IT environment
Research specifically addressing the Conficker worm/botnet medical
device air gap
Policy/Economics/Legal/Ethical position papers – addressing
cybersecurity issues in healthcare
Technical efforts by governmental entities to improve
cybersecurity in healthcare
Papers with the following as their only foci are discouraged:
Cybersecurity best practice recommendations for healthcare organizations
* Longitudinal studies showing increasing cyberattacks on healthcare
** Papers mixing analysis of privacy breaches with ransomware outages
If you have any questions, please email the workshop chairs.
Workshop Chairs / Organizing Committee:
CHAIR – William (Bill) Yurcik, Centers for Medicare & Medicaid
Services (CMS HQ) (healthsec DOT 2024 DOT chair AT gmail DOT com)
VICE-CHAIR – Gregory Pluta, U of Illinois at Urbana-Champaign
(gpluta AT illinois DOT edu)
VICE-CHAIR – Toan Luong, MITRE (tluong AT mitre DOT org)
VICE-CHAIR & LOCAL SITE COORDINATOR – Luis Garcia, U of Utah
(lgarcia AT cs DOT utah DOT edu)
INVITED KEYNOTE SPEAKER – Erik Decker/CISO Intermountain Health,
Salt Lake City, UT
Important Dates
Paper Submission Deadline: Thursday June 20th 2024 (before 23:59
6/20/24 ANYWHERE ON EARTH!)
Paper Review Deadline for PC Members: Thursday July 18th 2024
Paper Acceptance Notification: Thursday August 8th 2024
Camera-Ready Accepted Paper Deadline: Thursday September 5th 2024
(Firm Deadline)
HealthSec 2024 Workshop Date: Monday, October 14th, 2024
(Columbus Day, Federal Holiday in USA)
Submission Guidelines:
Regular paper submissions should be at most 8 pages in double-column
ACM format including references and appendices (the latest sigconf
template is here https://www.acm.org/publications/proceedings-template
— authors should not change the font or the margins of the ACM
format. Papers should be in English and describe original work that is
not previously published or concurrently submitted
elsewhere. Submissions should NOT be anonymized.
Submissions are to be made to the CCS-2024 Workshop submission website
(EasyChair) at . You will be requested to upload the
file of your paper (in PDF format only). Submissions not meeting these
guidelines risk rejection without consideration of their
merits. Proceedings of the workshop will be published by ACM on a CD,
available to the workshop attendees. Papers will be included in the
ACM Digital Library, with a specific ISBN.
At least one author of each accepted regular paper is required to
register to attend the ACM CCS HealthSec Workshop by the early-bird
registration deadline. It is expected that each regular paper will be
presented in-person at the HealthSec workshop.
Position Papers. Please email your position paper topic idea directly
to the workshop chair for feedback and instructions before you submit
a draft. Position papers can be up to 12 pages in length with the
title starting with "Position Paper: ".
Proposals for panels are also solicited. Panel proposals are to be
concise, up to 2 pages in length, name potential panelists, and
describe the topics to be discussed. Disruptive and controversial
panels are particularly encouraged. Please email your panel proposal
as a PDF attachment directly to the workshop chair.
Optional pre-submission assistive review for authors:
To support authors preparing to submit their work to HealthSec-2024,
select members of our program committee are generously offering
assistive feedback to help improve papers before the submission
deadline! To request feedback, email healthsec24@assistivereview.org
and either attach a copy of your draft or (better) a link to a URL
that will be updated to your latest draft. Please also specify the
content upon which you would like reviewers to focus their feedback.
One reason we are experimenting with pre-submission author-assistive
feedback this year is to help level the playing field for authors who
do not have experience submitting to ACM CCS workshops themselves or
access to peers with this experience. For example, such feedback may
be helpful to medical professionals new to cybersecurity or to
cybersecurity researchers new to healthcare. Regardless, all authors
may take advantage of this optional service, though we cannot
guarantee that we will be able to provide feedback to every request.
Cybersecurity in Healthcare (HealthSec) 2024 Program Committee: {8
medical professionals starred}
Jenny Amos, University of Illinois-UC
Spiros Antonatos, Aegis Technologies
Zahid Anwar, Baker Hughes
Stefan Axelsson, Stockholm University
James Barlow, YAHOO
Roelof Boonstra, Physician Software Systems
Debra Bruemmer, MedSec
Christopher Bunnell, UniteGPS
Roy Campbell, University of Illinois-UC (Emeritus)
George Cantwell, University of Cambridge
Guenevere Chen, University of Texas San Antonio
Sung Choi, University of Central Florida
Michael Collins, USC ISI
* Christian Dameff MD, UCSD Health
Marek Druzdzel, Bialystok University of Technology
Robert F. Erbacher, Army Research Lab
Wade Fagen-Ulmschneider, University of Illinois-UC
Francisco Fonseca, BitSight
Allan Friedman, CISA
Deborah Frincke, Sandia National Lab
Kevin Fu, Northeastern Univ(fmr FDA Med Devices)
Simson Garfinkel, BasisTech
Michael T. Gastner, Singapore Inst of Technology
Carrie Gates, Bank of America
Dan Geer, In-Q-Tel
Carl Gunter, University of Illinois-UC
Jaiwei Han, University of Illinois-UC
Dan Harkness, Argonne National Lab
Ragib Hasan, University of Alabama at Birmingham
* Colton Hood MD, George Washington U Hospital
Tadd Hopkins, BitSight
Allen Householder, CMU SEI CERT
Haochen Huang, Whova
Cynthia Irvine, Naval Postgraduate School
* Anupam B. Jena MD, Harvard Medical School
Eric Johnson, Vanderbilt University
James Joshi, University of Pittsburgh
Nikolai Joukov, modelizeIT
Nadir Kiyanclar, Oracle
Gregory Koenig, Arkstro
Scott Kruse, Texas State University
Kiran Lakkaraju, Sandia National Lab
Tom Linehan, BitSight
Kwan-Liu Ma, UC-Davis
John McHugh, AssuranceLabs, Inc.
Forrest Xin Meng, DragonPass
Ethan Miller, UC-Santa Cruz
Jacki Monson, Sutter Health
Suvda Myagmar, SalesForce
Peter G. Neumann, SRI
Stephen North, Infovisible
* Godwin Odia, Captain USPHS (Ret), Applied Health Informatics
Rhonda O'Kane, BitSight
Sean Peisert, Lawrence Berkeley National Lab
Eric Perakslis, Pluto Health
Jim Prewett, University of New Mexico
Ronald Pulivarti, NIST
Raj Rajagopalan, Resideo
Ram Ramadoss
Esa M. Rantanen, Rochester Inst of Technology
Daniel Reed, University of Utah
Will Ricciardi, BitSight
Nichols Romero, AMD
Jeremy Rossi, Binary Data Engineering
Avi Rubin, Harbor Labs
Marcus Sachs, Center for Internet Security
* Rami Saydjari MD, Ronin Institute
Sami Saydjari, Dartmouth University
Stuart Schechter, Harvard University
Andreas Schick, FDA
Naomi Schwartz, Medcrypt
Cigdem Sengul, Brunel University
Aashish Sharma, Lawrence Berkeley National Lab
Bryan Smith, Boldend
* Natalie Sullivan MD, George Washington U Hospital
* Jeff Tully MD, UCSD Health
Eugene Vasserman, Kansas State University
Jun Wang, Rackspace Hosting
David Wiegandt, Sandia National Lab
* Christopher Worsham MD, Mass General & Harvard Medical School
Felix Wu, UC-Davis
Xiaoxin Yin, Airbnb
Erez Zadok, Stony Brook University
HealthSec
Email: gpluta@illinois.edu